CVE-2023-20057

A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-url-bypass-WbMQqNJh	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:asyncos:-:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:email_security_appliance_c160:-:::::::*
	cpe:2.3:h:cisco:email_security_appliance_c170:-:::::::*
	cpe:2.3:h:cisco:email_security_appliance_c190:-:::::::*
	cpe:2.3:h:cisco:email_security_appliance_c370:-:::::::*
	cpe:2.3:h:cisco:email_security_appliance_c370d:-:::::::*
	cpe:2.3:h:cisco:email_security_appliance_c380:-:::::::*
	cpe:2.3:h:cisco:email_security_appliance_c390:-:::::::*
	cpe:2.3:h:cisco:email_security_appliance_c670:-:::::::*
	cpe:2.3:h:cisco:email_security_appliance_c680:-:::::::*
	cpe:2.3:h:cisco:email_security_appliance_c690:-:::::::*
	cpe:2.3:h:cisco:email_security_appliance_c690x:-:::::::*
	cpe:2.3:h:cisco:email_security_appliance_x1070:-:::::::*

History

07 Nov 2023, 04:05

Type	Values Removed	Values Added
Summary	A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device.	A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device.

Information

Published : 2023-01-20 07:15

Updated : 2024-02-28 19:51

NVD link : CVE-2023-20057

Mitre link : CVE-2023-20057

CVE.ORG link : CVE-2023-20057

JSON object : View

Products Affected

cisco

email_security_appliance_c390
email_security_appliance_c160
email_security_appliance_c690x
email_security_appliance_c170
email_security_appliance_c680
email_security_appliance_c380
email_security_appliance_c370
asyncos
email_security_appliance_c690
email_security_appliance_c370d
email_security_appliance_x1070
email_security_appliance_c670
email_security_appliance_c190

CWE

CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-792

Incomplete Filtering of One or More Instances of Special Elements

5.3 /10